Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS202939.roa
File:                     AS202939.roa (raw, json)
Hash identifier:          XMTa6z7UTHORhvWmukAgjqXsTzu9QlC8BdLNdWnvO78=
Subject key identifier:   56:C0:F3:F6:58:F0:79:E6:CD:6B:AB:6A:FA:24:3E:D4:D3:DF:51:69
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       748FB58AD6213F9D46B4F7EF09FAE654AB76B952
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS202939.roa
Signing time:             Thu 04 Jun 2026 15:58:49 +0000
ROA not before:           Thu 04 Jun 2026 15:53:49 +0000
ROA not after:            Thu 03 Jun 2027 15:58:49 +0000
asID:                     202939
IP address blocks:        2a06:a005:1ba0::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 07 Jun 2026 21:53:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:8f:b5:8a:d6:21:3f:9d:46:b4:f7:ef:09:fa:e6:54:ab:76:b9:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jun  4 15:53:49 2026 GMT
            Not After : Jun  3 15:58:49 2027 GMT
        Subject: CN=56C0F3F658F079E6CD6BAB6AFA243ED4D3DF5169
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:6b:02:00:cb:31:01:96:2d:22:cc:9e:a4:c8:
                    12:2c:06:c2:08:4e:73:f1:7a:c0:27:a0:03:f7:98:
                    35:e3:e7:6a:84:82:97:40:99:92:13:fb:94:2d:90:
                    c2:41:1e:29:e7:50:9d:77:8c:28:73:c2:11:bc:80:
                    c2:e1:68:ad:20:0c:8f:ad:a4:7e:b1:07:05:cf:b3:
                    a2:ac:b8:42:84:83:6d:d9:96:7d:4c:f9:f6:95:ec:
                    c8:ac:bd:c8:94:4b:0e:a1:b6:0e:1e:2d:fd:8f:51:
                    0c:32:b3:2a:e6:b5:4c:08:9a:b1:33:31:af:82:c8:
                    33:bd:b3:d8:3a:d6:98:92:75:72:89:c9:ae:06:e7:
                    54:5c:79:22:a6:ad:f6:85:7e:d2:ce:7d:66:23:e8:
                    ce:24:ae:36:00:dc:66:52:60:bc:3c:17:0f:d8:58:
                    c1:f4:f5:51:e8:16:ab:90:97:af:96:cb:99:72:94:
                    82:51:ed:8b:bb:35:69:5a:0a:98:48:f3:16:8f:75:
                    c1:80:11:bf:32:60:db:3a:91:92:1e:ca:53:cb:4e:
                    14:ed:5d:a5:1f:26:f3:d9:22:a0:7a:5e:fd:af:5f:
                    09:34:97:93:76:96:c6:87:4e:10:1b:12:76:7c:8a:
                    fd:e9:d7:f4:42:c3:0d:c8:66:07:5b:d7:15:8a:aa:
                    7f:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:C0:F3:F6:58:F0:79:E6:CD:6B:AB:6A:FA:24:3E:D4:D3:DF:51:69
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS202939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1ba0::/44

    Signature Algorithm: sha256WithRSAEncryption
         8e:27:56:ac:b1:38:5d:8c:73:ff:84:6d:5c:ed:73:b0:ad:8f:
         aa:9f:65:bf:3c:f1:f5:16:df:12:96:5d:07:43:a8:60:ea:16:
         83:a2:c8:e9:9f:93:9d:7b:7b:75:a0:95:93:57:4e:e5:21:a7:
         44:de:3f:92:a0:9c:13:e1:4c:4e:86:fe:d3:70:cf:8c:9f:79:
         61:94:ca:0e:b4:48:81:06:73:18:e0:50:b1:1c:ba:21:b1:b2:
         a9:8e:6b:fc:4e:31:60:fc:0c:28:f0:55:49:4f:3b:f6:32:b4:
         94:6e:af:fc:23:7e:41:6a:7c:0f:86:67:23:3e:32:f2:34:bb:
         36:0d:9d:d4:10:81:32:17:98:ed:c7:c7:4b:5a:b5:ff:c5:d7:
         69:47:04:61:c8:ff:06:ae:66:19:bf:7d:d1:9b:a8:0e:45:e3:
         78:31:ef:5c:74:9b:8d:96:d1:a7:98:c4:26:6b:cc:80:a8:ea:
         bc:39:9c:ac:98:2d:e4:c4:72:16:73:6d:4e:cf:18:9b:14:60:
         d2:a2:d3:f3:93:ee:30:9e:4e:ae:8e:01:88:d7:fe:74:26:17:
         8e:ce:62:e6:e3:47:3f:e9:9a:89:20:55:9d:19:3d:fb:e8:52:
         29:ea:52:d4:1a:08:08:77:4d:12:45:9d:57:87:d2:07:5c:2a:
         c2:63:50:d5
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUdI+1itYhP51GtPfvCfrmVKt2uVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNDlaFw0yNzA2MDMxNTU4NDlaMDMxMTAvBgNV
BAMTKDU2QzBGM0Y2NThGMDc5RTZDRDZCQUI2QUZBMjQzRUQ0RDNERjUxNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+awIAyzEBli0izJ6kyBIsBsII
TnPxesAnoAP3mDXj52qEgpdAmZIT+5QtkMJBHinnUJ13jChzwhG8gMLhaK0gDI+t
pH6xBwXPs6KsuEKEg23Zln1M+faV7MisvciUSw6htg4eLf2PUQwysyrmtUwImrEz
Ma+CyDO9s9g61piSdXKJya4G51RceSKmrfaFftLOfWYj6M4krjYA3GZSYLw8Fw/Y
WMH09VHoFquQl6+Wy5lylIJR7Yu7NWlaCphI8xaPdcGAEb8yYNs6kZIeylPLThTt
XaUfJvPZIqB6Xv2vXwk0l5N2lsaHThAbEnZ8iv3p1/RCww3IZgdb1xWKqn/7AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUVsDz9ljweebNa6tq+iQ+1NPfUWkwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAyOTM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRugMA0GCSqGSIb3DQEBCwUAA4IBAQCOJ1as
sThdjHP/hG1c7XOwrY+qn2W/PPH1Ft8Sll0HQ6hg6haDosjpn5Ode3t1oJWTV07l
IadE3j+SoJwT4UxOhv7TcM+Mn3lhlMoOtEiBBnMY4FCxHLohsbKpjmv8TjFg/Awo
8FVJTzv2MrSUbq/8I35BanwPhmcjPjLyNLs2DZ3UEIEyF5jtx8dLWrX/xddpRwRh
yP8GrmYZv33Rm6gOReN4Me9cdJuNltGnmMQma8yAqOq8OZysmC3kxHIWc21Ozxib
FGDSotPzk+4wnk6ujgGI1/50JheOzmLm40c/6ZqJIFWdGT376FIp6lLUGggId00S
RZ1Xh9IHXCrCY1DV
-----END CERTIFICATE-----